Cisco 8861 Deployment Manual page 71

Wireless lan ip phone

Hide thumbs Also See for 8861:

Quick manual (3 pages)

Quick reference manual (3 pages)

Quick user manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

Table of Contents

EAPOL-Key Max Retries............................

EAP-Broadcast Key Interval.......................

If using 802.1x or WPA/WPA2, the EAP-Request Timeout on the Cisco Wireless LAN Controller should be set to at least 20

seconds.

In later versions of Cisco Wireless LAN Controller software, the default EAP-Request Timeout was changed from 2 to 30

seconds.

For deployments where EAP failures occur frequently, the EAP-Request Timeout should be reduced below 30 seconds.

To change the EAP-Request Timeout on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter the

following command.

(Cisco Controller) >config advanced eap request-timeout

If using WPA/WPA2 PSK then it is recommended to reduce the EAPOL-Key Timeout to 400 milliseconds from the default of

1000 milliseconds with EAPOL-Key Max Retries set to 4 from the default of 2.

If using WPA/WPA2, then using the default values where the EAPOL-Key Timeout is set to 1000 milliseconds and EAPOL-

Key Max Retries are set to 2 should work fine, but is still recommended to set those values to 400 and 4 respectively.

The EAPOL-Key Timeout should not exceed 1000 milliseconds (1 second).

To change the EAPOL-Key Timeout on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter the

following command.

(Cisco Controller) >config advanced eap eapol-key-timeout

To change the EAPOL-Key Max Retries Timeout on the Cisco Wireless LAN Controller, telnet or SSH to the controller and

enter the following command.

(Cisco Controller) >config advanced eap eapol-key-retries

Ensure EAP-Broadcast Key Interval is set to a minimum of 3600 seconds (1 hour).

To change the EAP-Broadcast Key Interval on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter

the following command.

(Cisco Controller) >config advanced eap bcast-key-interval

Auto-Immune

The Auto-Immune feature can optionally be enabled for protection against denial of service (DoS) attacks.

Although when this feature is enabled there can be interruptions introduced with voice over wireless LAN, therefore it is

recommended to disable the Auto-Immune feature on the Cisco Wireless LAN Controller.

To view the Auto-Immune configuration on the Cisco Wireless LAN Controller, telnet or SSH to the controller and enter the

following command.

(Cisco Controller) >show wps summary

Cisco IP Phone 8861 and 8865 Wireless LAN Deployment Guide

3600

400

3600

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

8865

Cisco 8861 Deployment Manual page 71

Hide quick links:

Related Manuals for Cisco 8861

Related Products for Cisco 8861

This manual is also suitable for:

Table of Contents